Understanding the Meltdown Attack

Understanding the Meltdown Attack

This month, security researchers released a whitepaper describing the Meltdown attack, which allows anyone to read the full physical memory of a system by exploiting a vulnerability in Intel processors. If that sounds bad, that’s because it is. It means that if you’re running workloads on a public cloud provider, and you don’t have a dedicated server, an attacker can read what your workloads are putting into memory. This includes passwords, private keys, credit card numbers, your cat’s middle name, etc.

How Meltdown works

As a way of eking out every ounce of speed, modern processors perform out-of-order execution. Rather than executing a program one instruction at a time, the processor fetches multiple instructions at once and places them in an instruction queue. It then executes each instruction as soon as possible (and usually out-of-order) and stores each instruction’s output (if there is any) in a cache.

Now here’s the kicker. An instruction can do nasty things. Out-of-order execution runs instructions that the program isn’t allowed to run. Take the following assembly instruction:

; rcx = kernel address
mov al, byte [rcx]

This copies one byte of data from the kernel memory and places it in a temporary portion of CPU memory, called a register. With in-order processing, the CPU would not allow this instruction to execute.

But with out-of-order execution, the CPU does execute the instruction, and it stores the resulting byte value in a temporary cache. The CPU then raises an exception and terminates the program.

But the byte value is still stored in the cache. This is where the flaw in Intel’s microcode lies. The CPU should clear the cache as soon as the exception is raised. But it doesn’t. It leaves it there, vulnerable to another type of side-channel attack called a cache attack.

Cache attacks have been around for years, and there are several different types which an hacker can use in conjunction with Meltdown to figure out the data stored in cache. For a great explanation of how these attacks work, check out Bert Hubert’s article on Spectre and Meltdown. It’s trivial for an attacker to pull one off, quickly.

Only Intel Processors were Shown to be Vulnerable

The researchers were not able to duplicate the results on AMD or ARM processors, which also use out-of-order execution. They speculate that they theoretically could, but they were not able to at the time they released the paper. You certainly shouldn’t assume that all non-Intel processors are immune to Meltdown.

Disabling out-of-order execution isn’t the answer

In order to be effective, the Meltdown attack depends on out-of-order execution as a necessary but not sufficient condition. Thus, simply having out-of-order execution enabled is not enough to make Meltdown possible. Disabling out-of-order execution does prevent Meltdown, but the performance impact is substantial.

What about Spectre?

Spectre is not the same as Meltdown. Although Spectre works against all CPUs, including Intel, AMD, and ARM, pulling off a Spectre attack is trickier. But both are equally bad and rely on out-of-order execution, which is why you usually see them lumped together.

You don’t need to replace your hardware

You don’t need to replace your hardware, and anyone who says you do is either trying to tell you something. Now for the obvious part. To mitigate Meltdown and Spectre, install the latest security patches for your operating system, BIOS, and CPU firmware — after sufficient testing, of course.

Other Posts

One thought on “Understanding the Meltdown Attack”

Meltdown silicon level is two faults. KPTI in the Linux kernel was developed for another fault that allows decoding of address randomization. Out of order off does not prevent the decoding of address randomization to be done. Meltdown core is a MMU/cache bug if that MMU/cache bug is not there you cannot do Meltdown even with out of order execution..

Yes “TLB Side Channel” silicon fault + out of order equals direct data leak possibilities that is Meltdown. Without out of order TLB Side Channel still equals breaking address randomization and allowing exploits to be crafted to work that could not work otherwise.

KPTI patches against Meltdown are not only blocking the data leak but also blocking a information leak about kernel address randomization.

Basically 1 bug at silicon level is creating two exploits. We are still thinking of Meltdown as 1 exploit when the fault hidden there is in fact two design faults. So the design fault 1 that creates Meltdown goes back to 286 but the 286 you can only do kernel address space randomization decoding and design fault 2 is in the out of order exeuction. The idea that you have protected self by going back to a pre out of order execution cpu from everything about Meltdown is wrong because that forgetting that the address space randomization can be still decoded without the out of order extras that allow you to copy all the memory.